Solved

Postfix & PGP

Posted on 2006-07-11
5
1,563 Views
Last Modified: 2008-03-10
I'm looking to harden my email server and one of the things I want to do is store inbound email on the server in PGP encrypted form.  Email arrives via SMTP unencrypted and I want to have it encrypted before it is stored in the Mailbox.  The point is to safeguard against email being picked up in the event that someone should breech the security of the server and gain access to files and or gain access to pop3 or imap.  The pgp encrypted email would be downloaded by the client and unencrypted by software on the client.  Can anyone point me in the right direction for finding such a filter for Postfix?

Thanks!
0
Comment
Question by:phasevar
  • 3
  • 2
5 Comments
 
LVL 39

Expert Comment

by:noci
ID: 17088543
If your server is breached you're toast anyway, the intruder will be able find your pgp script and known some keys/passwords etc.

If you need POP et al. At least use RPOP version of the protocol, or use SSL based versions of POP and IMAP.
this to prevent snooping and eavesdropping.

I have no knowledge of any imap/pop-servers that support your original request.  It also won't help the performance
of your mail solution. As POP & IMAP need access to the mail to make an index. ==> have to decrypt all
before supplying an answer to the first question from any client, "can I have all headers please":


0
 
LVL 39

Expert Comment

by:noci
ID: 17088553
BTW,

cyrus-imap server might be the way to go, it uses a database to store stuff..., at least raises the bar a little.
and it's a quite fast server.
0
 

Author Comment

by:phasevar
ID: 17091785
noci, PGP is public-key cryptography.  The server should only have a public key for each mailbox and the private keys needed to decrypt the messages are stored on each client.  So in event of a server breach, encrypted mail should not be able to be read without the private key.

As for indexing, I don't think pgp encrypts the headers.  PGP is used in mail already, but usually it's encrypted by the sender, not the receiving mail server.  If it travels through the mail system now, it has to have plaintext headers.

It's not the imap/pop server that would need pgp support.  It would be a filter in the Postfix incoming SMTP stage during mail queue delivery to local addresses.

Thanks for the tip on cyrus.  I've wondered about database storage for mailboxes.
0
 
LVL 39

Accepted Solution

by:
noci earned 500 total points
ID: 17093591
I assumed you wanted to encrypt the message as a whole (including the headers).
As far as mail is concerned SMTP wise there are two things...
= The Envelope (containing Sender & Receipent(s)) that only lives when a message travels from MTA => MTA and the enveloppe
    is lost on delivery at a MUA  (MTA= Mail Transfer Agent, aka postman; MUA = Useragent aka Mail Store/Mailbox + retrieval tools).
= The Content (Whole message Headers + content as one blob) The separation between header and message is on the first empty line.

Your option needs a special kind of MUA I haven't yet seen. You'll need a tool that first splits the message into its parts and the assembles
all the parts again with encryption. It can be done, but what's the point...,

The message travels across other mta's where it's not protected (you can find out how many by reading the "Received lines" in the header).
During transmission over cables it is sent in clear text, anybody with access to the right part of the cable can tap into it.
In Europe your message will end up in at least one government database as part of "Anti-Terrorist" legislation. All ISP's have to comply Jan 1st, 2007
at the latest.

Therefore if you want to  prevent access everybody needs  to encrypt their message at the source... The sender.
0
 

Author Comment

by:phasevar
ID: 17101882
Ideally all senders would encrypt their messages but that's just wishful thinking.  For instance, I don't see Amazon.com sending out receipts in pgp anytime soon.

I know the whole chain isn't secure and that email passes through many points before it reaches my server but I was just hoping to add that little bit of extra security in the event that someone were to breach the server security and gain access to the mail files.  Obviously that would do nothing to circumvent the man-in-the-middle who is actively watching for the mail.

Thanks for your help.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now